Skip to main content

Python language support now beta in Snyk Code

著者:

Frank Fischer

2021年4月13日

0 分で読めます

Snyk Code now offers beta support for Python 2.x and 3.x projects. You do not have to install or update anything since we added the support to the backend engine and it is available instantly to be used. When a repository is scanned, you will see Python beta results showing up. If you cannot wait for a scheduled rescan, you can manually trigger a scan.

Why beta? While the Python support in Snyk Code offers valuable security rules, it does not currently offer curated content (background texts, external links, typical remedies, examples of remedies from open-source projects, and much more). So while you’ll be able to start using Snyk Code for Python projects, you won’t have the same level of quality content that you’re accustomed to from Snyk. Once we have all the context in place, we’ll mark Python fully supported.

This beta is just the start of expanded language support in Snyk Code. We’ll be releasing more languages in beta moving forward, so stay tuned.

We are using a heuristic to determine if a source code file contains Python and then use the knowledge base accordingly. Results are displayed within the Snyk UI, with all results flagged as Beta. Optionally, you can use the filter mechanisms to suppress any results of a language you don’t want to see.

wordpress-sync/blog-code-python-beta-path-traversal

You can also scan open source repositories. Just go to Add project > Monitor public or GitHub projects. You can then add the GitHub path and the project will be scanned. Notice the book flag next to the repository in the project overview. It signals that this is a public repository.

If you are using JetBrains PyCharm, you can use the Snyk JetBrains plugin. Just go to Settings > Plugins and search for “Snyk Vulnerability Scanner”. The plugin will bring all the findings into your IDE, highlighting the issues in the code, and provide additional content right next to it. Overall, it is extremely easy to install and get started with. For sure, it is worth checking out.

To everyone who’s reached out to suggest additional language support, thank you! Expect us to add more language support—beta and GA—over the coming months. We are sure you will find it useful and are open to any feedback. Let us know what you like and what you need. If you haven’t had a look at Snyk Code yet, now’s the perfect time to do so. Just book a demo session to see how easy it is to put advanced security in the hands of your developers.

SASTソリューションの選択ガイド

4段階のプロセスを通じて、現代のSASTソリューションを評価・選択・導入する手法を確認し、あなたの特定のセキュリティ要件にぴったりのものを見つけ出しましょう。